What is the Interpol Department of Cybercrime Virus? How to Remove?
The Interpol Department of Cybercrime virus, also known as the Interpol Virus for short, is a form of ransomware that effectively freezes computer systems and holds them hostage. This is under the guise of an alarming message claiming to be from the international law enforcement institution Interpol on the users’ screen that claims their system was used for illegal activities. A message prompt will appear generally stating, “Your PC is blocked due to at least one of the reasons specified below.” The potential violations include everything from violating copyright and related rights laws by downloading music, video or software to viewing and distributing child pornography. It may even go so far as to claim that although you may not be the one who is guilty of these crimes personally, the very fact that they occurred on your personal computer makes you guilty of neglectful use of your computer. The Interpol Virus falls into the category of “police” viruses that claim to be from a law enforcement authority and unfortunately the nature of these viruses is to scare the user into doing whatever it takes to not only save their computer but also avoid harsh legal penalties. In this case to unblock your computer and to avoid possible time in jail, the virus informs you that you must pay a large fine using pre-paid methods such as Ukash, PaysafeCard, PayPal or Moneypak. If the user falls for the scam, they will of course never be able to retrieve this amount of money. Please take an action to get rid of Interpol Department of Cybercrime virus completely.
The Interpol virus is a fairly new ransomware attack that targets German speaking users and blocks their computers once this virus is installed. With the computer screen locked and nowhere to go, as all functions have been disabled, a warning message is displayed claiming that the user is in violation of several copyright issues, and also makes reference to SPAM complaints and pornographic material distributions. Any user that receives this notification needs to ignore it, as it is not real and just uses the authorities name and logos in an attempt to inject fear into the computer users and convince them that they have indeed broken the laws. The Interpol Department of Cybercrime virus message demands that the user must pay 100 euro in order to remove the block on the computer and to avoid additional troubles. It goes on to explain that if the money is not paid there will be additional penalties and that legal action will be taken and criminal charges filed. It is important to understand that paying this fine will not unblock the computer. There are no dangers of legal action, as this is a completely illegitimate claim and something that has been put together by a group of computer hackers as a way to extort money from the users that they infect with the Interpol virus.
It often turns out that computer will remain blocked and the warning message will remain displayed until the virus files are deleted from the computer. Although the message states that the block will be removed once the payment is confirmed. This is not true at all and the virus will need to be completely removed from the PC in order to unblock the operations. The instructions below outline how to accomplish this and restore the computer back to the way it was before the Europol Interpol virus was installed.
To save your computer, Live Chat with YooSecurity Expert Now, or you can follow the manual removal guide below to get your problem fixed. (For advanced computer users)
The scam being attempted by the Interpol Department of Cybercrime virus is bold but it is important to note that it is also incredibly unrealistic. No official legal institution, Interpol included, tracks computer usage with the intent to lock down an individual personal computer and force the user into paying a fine through one of these payment services. Hopefully most users will keep this in mind before panicking and giving in to the scam. If not, another dead giveaway that this is in fact just a virus is that most of the messages are riddled with unprofessional grammatical errors that no professional institutions would let slip by.
Interpol Department of Cybercrime Scam Screenshot
Interpol Virus – The work of your computer has been suspended on the ground of the violation of the intellectual property law. You must pay the fine through Ukash of £100 or €100 within 24 hours. – Europe Based
Interpol Virus – The work of your computer has been suspended on the ground of the violation of the intellectual property law. You must pay the fine through Moneypak of $200 within 24 hours. – US Based
How Does Computer Become Infected with The Interpol Virus?
The Interpol Department of Cybercrime Virus, similar to other ransomware viruses, is often spread through spam e-mails with infected attachments. Of course it can also gain access though fake updates, phony downloads or essentially any malicious site. These types of viruses can even be hidden in what seem to be fairly harmless files or sites throughout the social network, helping it spread quickly between users. Once the malicious program is on your computer it changes the default settings on your PC and can even disable some of the abilities of antivirus program so it remains undetected.
Users are primarily infected with this Trojan attack via one of these two ways. The hackers use mass email spamming as a way to spread the Interpol virus, and they hide the virus within attachments that the email message encourages the users to open. They will typically keep their messages short and sweet, to the effect of, ‘Hey, someone wrote this about you online. Open up the attachment to see!’ This gets the users’ attention and curiosity gets the best of them and they go ahead and open the attachment, and while doing so they install the virus on their computers. As soon as that attachment is clicked on there is nothing that can be done to stop this Interpol Department of Cybercrime Virus from popping up, as it will install and trigger the block without the user having any idea of what is going on. It will then display the warning message and disable all other functions on the computer.
The other way that the Interpol virus is spread is through malicious websites and popular file sharing sites that receive millions of unique visitors every single day that are in search of free music, movies, and software. This type of activity is not only illegal, but also a very popular target for hackers, as they install their viruses in the same download links as the most popular downloads. When the user downloads the torrent file and installs it they don’t even think of the possibility of there being infected files that can potentially destroy their computers. While the Interpol virus isn’t specifically designed to ruin the computers, it is a good example of how easily a malicious attack can be installed on a computer.
How Can I Manually Remove Interpol Virus?
By definition, ransomware will not give up its grip on your personal computer so easily. Ransomware like the Interpol virus creates registry entries and files that allow the virus to run as soon as the computer is turned on. No matter how many times you try to reboot your system the same daunting message will remain. To manually remove Interpol Department of Cybercrime virus you will have to kill malicious processes as well as remove the directory files and registry entries that were created by the Interpol virus.
1. Launch computer in Safe mode with Networking by constantly hitting F8 key on start-up
2. Launch Task Manager (“CTRL + Shift + ESC”)
3. Select Processes Tab and end the Interpol virus processes
4. Click on Start menu and open Search Programs and Files
5. Search for and delete files created by Interpol virus: %AppData%\random
6. Go to Windows Start menu and type “Regedit” in the search box to open the Registry Editor
7. Search for and remove the following registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
Video Guide On How to Remove the entries Associated with the Interpol Virus
What can I do to protect myself after I remove Interpol Department of Cybercrime virus?
After successfully removing the Interpol virus from your computer it is highly advised to take precautionary steps to avoid future infection by this and all other types of viruses. It is important to be cautious with suspicious-looking e-mails, websites and even update prompts. Do not open attachments or websites sent by unknown sources and always use scrutiny if your computer has prompted you with an update that seems unfamiliar. Of course viruses can be hidden in seemingly harmless files and sent unknowingly from trusted sources so it is recommended that you always have an active and updated antivirus program running on your computer. There are several very effective antivirus programs available on this website that act as the first line of defense against these infections as well as to effectively eliminate any lingering viruses on your PC. It is highly recommended that most users utilize malware and spyware removal support to avoid any possible harm to their computers.
Potential permanent damage to your computer can be resulted if there are any mistakes made in this process. Please consult with YooSecurity Experts 24/7 online in time to save your computer:
Published by Tony Shepherd & last updated on January 14, 2014 8:35 am